Chong, Wei Feng (2022) Multicast group key management on the internet of medical things using zero knowledge protocol. Final Year Project, UTAR.
Abstract
As the world moving into industrial revolution 4.0 era, many industries as well as residential areas are adopting Internet of Things (IoT) for its convenience. Healthcare sectors such as hospitals and clinics nowadays are transitioning from traditional devices to IoT devices, where Internet of Medical Things (IoMT) are born. These devices enable real-time monitoring and minimise the need of medical professionals for non-severe situations. Thus, hospital personnel and patients’ sensitive data will be transmitted through the Internet which supposedly need to be handle in care. However, due to the insufficient security measure, cybercriminals utilise the loopholes and perform cyberattacks for various purposed, which in worse case may lead to lifethreatening events. Hence, authentication remains the key requirement in this matter. Group Key Management had been a popular topic to be discovered in order to maintain the truthfulness of the IoT environment. Unfortunately, the exchange of the group keys among IoT nodes in current group key management protocols can be easily intrude by third-party through Man-in-the-Middle attacks. To overcome the problems, zero knowledge protocol that meet 3 properties, completeness, soundness, and zero-knowledge, is proposed in this project. CupCarbon IoT 5.0 is used as the simulation tool to perform modelling and performance study. This report provides a real-life situation where sensor nodes in an IoT network will choose a leader node to establish the key distribution using zero-knowledge before the nodes are recognised as a network. After the performance study of this project, the group key distribution scheme is proven to be secured whereby the key is distributed successfully without transmitting the actual key. This greatly mitigate the chance of MITM is occur in the multicast group. In addition, when an unknown node joined the multicast group, the node will not receive the identical group key of the group, thus it will not be authenticated and banned from communicating within the multicast group.
Actions (login required)